Privacy notice and terms of use for the Unico Account

We are Unico, a Brazilian company offering solutions to simplify people's lives through facial biometrics. Our goal is to identify and connect individuals with products and services in a simple and reliable way, ensuring greater security, transparency, and control over the use of their personal data.

Unico has an unwavering commitment to the utmost respect for each individual's privacy. Therefore, throughout this document, we aim to explain our role and the processing of personal data carried out in the context of the Unico Account."

Let me know if you need any refinements!

What is the Unique Account and who can use it?

The Unico Account is your personal identification to access and use the products or services of Unico, contracted by the company you are part of ("contracting company"), or to exercise your rights through our privacy portal (https://secure.unico.io/dados-e-privacidade). It is through the Unico Account that the contracting company grants you access authorization and permission, so that, after an authentication process, you can utilize our products and services.

To obtain such access, it is necessary that you have the granting and authorization from the contracting company, as well as fulfill all legal requirements inherent to the acceptance of this document in order to bind yourself and the contracting company to the provisions now presented.

Therefore, by agreeing to this document, you declare yourself legally capable of accepting it.

How we collect your data?

Data collection can be initiated (i) when the Contracting Company registers and grants you permission to access our products or services; (ii) from your own registration that you will need to make in order to exercise your rights through our privacy portal (https://secure.unico.io/dados-e-privacidade).

In the first scenario, you or a representative of your company who has the permission to register will input some of your personal data into the product, such as: email address, phone number, name, and CPF, so that an invitation to create a Unico Account can be automatically sent to you. If you have a user profile that grants you the authority to provide Unico with personal data of others, you must do so in compliance with applicable legislation, as well as security rules established by Unico and, subsidiarily, by the contracting company, provided that there are no conflicts between these, in which case Unico's rules will prevail.

In the second scenario, when selecting the right you wish to exercise on our , you will need to share your CPF, photo, and facial biometrics for the purpose of access authentication to the product, as well as your email for confirming your information.

Why do we use your personal data?

After creating a single account, the personal data entered will be used for the following purposes: (i) registration and/or authentication for directing and accessing our products or services and privacy portal ; (ii) provision of technical support; (iii) development, maintenance, and improvement of features and functionalities; (iv) performance analysis, audience measurement, verification of browsing habits; (v) detection of how they arrived at the product; (vi) assessment of statistics related to the number of accesses and usage; (vii) analyses related to information security; and (viii) compliance with legal or judicial orders, when applicable.

What are my responsibilities?

For the correct operation of the unique account, it is your responsibility to observe and comply with all specifications, instructions, standards, and technical requirements that may be requested. In addition, by agreeing to this document, you are responsible for:

a) Knowing the current legislation and correctly using the unique account;

b) Entering only correct information about yourself;

c) Providing only correct information about others, when your access profile grants you such powers;

d) Ensuring the accuracy of all the information provided, acknowledging that inconsistencies may result in the inability to access and/or use the unique account;

e) Ensuring the security, confidentiality, and proper use of your registered login and password, as well as all and any acts or omissions that occur from accesses initiated with your login to the systems.

f) Ensure the security, confidentiality, and proper use of your registered login and password, as well as all and any actions or omissions that occur from accesses initiated with your login to the systems;

g) Ensure the security, confidentiality, and proper use of the personal data of others that you may access due to your access profile.

What can I not do?

You may not perform the following actions by reason of or through the use of the Unico account:

a) Any illegal acts and/or in violation of current legislation;

b) Acts contrary to the provisions of this document;

c) Acts contrary to morals and good customs;

d) Acts that cause or facilitate contamination or harm any equipment of Unico and/or third parties, including through viruses, trojans, malware, worms, bots, backdoors, spyware, rootkits, or any other devices that may be created.

e) Practice any acts that, directly or indirectly, in whole or in part, may cause harm to Unico, to any users of the systems, and/or to any third parties, including through automated means, such as hacking, scraping, or crawling;

f) Use the Unico account or access it to represent any person or improperly represent an entity, or falsely declare (or otherwise misrepresent) your affiliation with any person or entity;

g) License, sublicense, sell, rent, transfer, distribute, share, or in any way make the Unico account or its functionalities and/or related documents available for access by third parties without the express permission of Unico;

h) Use the Unico account for the purpose of developing or operating a similar product in competition with Unico, or facilitate access by a direct competitor of Unico; and

i) Decompile or promote, and/or facilitate any reverse engineering, unauthorized access or attempt to reverse engineer or gain unauthorized access to the source code of the Unico account.

If you violate any provision of these Terms or legal provision, without prejudice to other measures, Unico may, at any time, at its sole discretion, without the need for any prior or subsequent notice or notification to any Unico account or any third party, by any means or form, without prejudice to initiating appropriate legal measures, (i) suspend or limit your access to the Unico account, (ii) take other measures it deems necessary to comply with these Terms and to ensure the proper functioning of the product.

What are the liability limitations of Unico?

Under no circumstances shall Unico be liable, including but not limited to:

a) If you misuse the Unico account or provide any incorrect information, including any type of virus, regardless of whether such use occurs without your knowledge and/or consent;

b) For failures, technical impossibilities, or system unavailability due to misuse or technical issues with the devices you use to access the Unico account.

Who will your personal data be shared with?

Unico may provide personal information to companies, government institutions, or any other third party not affiliated with Unico and not part of this relationship in the following cases:

a) Judicial request or other valid determination from the Brazilian or international government;

b) Due to national or international legislation;

Where are your personal data stored, and for how long?

Your personal data is stored securely and confidentially in our database, which may be located on national or international servers, to ensure that only you can use them for this or future operations. We keep your personal data only for the period necessary to fulfill the purposes of the product and the purposes outlined in this notice, or to comply with applicable law.

Does Unico perform international data transfers?

The personal data processed by Unico may be transferred internationally to the United States for the purpose of cloud storage with GOOGLE, during the period that your data will be processed by Unico. The databases are located in the United States of America. Therefore, in accordance with what is provided by the legislation on international data transfer, Unico has a contract with GOOGLE, with the necessary legal backing for the provision of cloud storage services. The data is transferred through secure protocols to the mentioned cloud, where it will be stored in an encrypted manner.You can choose at any time to exercise any rights provided by law directly with UNICO at the link https://secure.unico.io/dados-e-privacidade. However, if you prefer to submit a request through ANPD's direct channel regarding Unico, just access https://www.gov.br/anpd/pt-br.

How do we ensure data security?

Keeping data secure is one of the most important pillars for us. That is why we devote efforts to applying and maintaining international standards of information security, in order to preserve confidentiality, integrity, availability, and compliance with Brazilian legislation. Our employees are committed to continuously improving security controls, keeping your information safe throughout the transmission, processing, and storage flow. In addition, they are subject to strict contractual confidentiality obligations, and can be prosecuted and even dismissed if they fail to meet such obligations. Thus, we apply best practices and controls for: a) risk treatment and assessment; b) physical and logical access; c) secure and encrypted transmissions; d) secure development of systems and applications; e) physical and network security; f) threat monitoring and detection; g) malicious code; h) vulnerability treatment; i) backups and contingency planning.

How can you request the deletion of your personal data or exercise your rights provided by law?

We want you to feel safe at Unico and to be in control of your data. Therefore, you can choose, at any time, to exercise any rights provided by law, especially the rights of data subjects provided in the LGPD, such as:

• Accessing your personal data;

• Correcting incomplete, inaccurate, or outdated data;

• Obtaining confirmation of the existence of data processing;

• Requesting the portability of data to another service or product provider;

• Requesting the deletion of unnecessary, excessive, or non-compliant data under the provisions of the LGPD;

• Analyzing automated decisions about data;

• Among others.

To obtain more information on how to exercise your rights as a data subject, simply visit our Privacy Portal: https://privacidade.unico.io/.

Furthermore, it is worth noting that (i) the data provided to the contracting company up until the time of the deletion request may continue to be stored in the event of a legal determination; (ii) after the deletion of your data from your unico account, it will no longer be possible to access the products or services of Unico, contracted by the contracting company, in which case you will need to register again.

Can this Privacy Notice and Terms of Use be changed?

Yes, this document can be changed at any time without prior notice. However, we will not include any provision that excludes or restricts your rights, and we will make the most updated version available on our website. Therefore, we recommend that you periodically access our communication channels to find our updates. How can you be assisted or obtain more information about privacy?

Unico provides an exclusive page with information on how we handle your privacy, data management, and how you can exercise your rights under the law: https://unico.io/privacidade-e-gestao-de-dados/. If you prefer, contact our Data Protection Officer:

VYou will still be able to access the Unico Help Center and submit a request to talk directly to one of our representatives through the website: https://unico.io/faq/.